European Data-Breach Rules May Spur Action in Congress (CQ; January 4, 2018) – Full Article Attached

The European Union’s General Data Protection Regulation (GDPR) website has a countdown clock ticking away to May 25, when new rules governing data privacy and reporting requirements for breaches go into effect.  The rules will likely affect companies, nonprofits and others around the world offering products and services to European Union citizens. Companies face fines of up to 4 percent of their global revenues for violations for “not having sufficient customer consent to process data or violating the core of privacy by design concept,” according to the EU. . . Across the Atlantic, Congress may be spurred to pick up the thread from where it left off in 2016. . . A spokeswoman for House Energy and Commerce, which also has responsibility for data protection, said the panel sees “data breach and consumer protection issues” as a priority and is considering proposals “from all angles as we work toward a possible legislative solution.”